Penetration Testing mailing list archives
Bruter 1.1 released
From: Worawit Wang <worawita () gmail com>
Date: Sun, 2 Jan 2011 19:52:52 +0700
Bruter is a parallel network login brute forcer on Win32 platform only. It currently (1.1) supports following services: FTP, HTTP, IMAP, MSSQL, MySQL, POP3, PgSQL, SIP, SMB, SMTP, SNMP, SSH2, Telnet, VNC, Web-Form Source code, binary and documentation: http://sourceforge.net/projects/worawita Changelog (since 1.0): - Added protocols: PgSQL, SIP - Auto detect "Max Attempt/Connection" when set it to -1 - Add "Password First" option (see documentation for more detail) - Load/Save Setting also load/save service options - Load/Save Setting also load/save state if program is testing (Save state) - Added "wait for each try" option (to be able to slow down brute forcing) - Display "found valid credential" message in message tab - Fixed application sometimes crashs when using "Stop" - Fixed maximum text length of message tab to unlimited - Fixed HTTP library does not handle response code 100 correctly - Fixed miscellaneous bugs - Updated libssh2 binary to 1.2.6 - Updated openssl library to 1.0.0c - Documentaion updates FTP: - Able to detect multi-line greeting message sent in separate packets (faster) SIP: (new) - Support digest authentication with REGISTER method with expire=0 (unregister) - Support TCP/TLS with SIP-TCP SMB: - Allow multiple connections SSH2: - Modified the libssh2 to use less secure key exchange algorithm (a little faster) - Able to determine the connection state from libssh2 error (more reliable) - Able to stop testing immediately MSSQL: - Re-implemented for better understanding fields in login packet PgSQL: (new) - Support password, md5 authentication Email (SMTP, POP3, IMAP): - Support NTLM authentication - POP3: Support PLAIN, LOGIN authentication HTTP: (changed name from HTTP (Basic)) - Support NTLM authentication - Supoort Digest authentication Web Form: (changed name from HTTP (Form)) - Able to follow the 301,302 redirection (1 time) then checking the result - Fixed old cookies are not cleared when using "Load Form" in option dialog - Fixed POST method sending extra "\r\n\r\n" at the end (Thanks to faicker) If you have any comments, suggestions and problems, feel free to email me. Worawit Wangwarunyoo ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Bruter 1.1 released Worawit Wang (Jan 03)
- Fwd: Bruter 1.1 released Worawit Wang (Jan 04)